The study documents the scam of a developer referred to as Bob. He worked at a "critical infrastructure" company in the U.S. and started outsourcing his work to China under his company's nose, paying the people who did it less than one fifth of his six-figure salary.

Here's how it was possible.

Bob's company had started letting employees work remotely from home on certain days, so it set up a VPN concentrator to facilitate that. The company implemented two-factor authentication for the connection, with the second factor being a physical RSA key fob that generates a rotating token. So all Bob had to do was send the key fob over to China via FedEx.

The company eventually noticed strange activity in its VPN logs, so it asked Verizon for some help understanding what was going on. The logs showed that Bob was logged in from Shenyang, China, even though he was sitting at his desk.

The company initially thought there was some kind of malware routing traffic from an internal connection to China, and then back to the U.S.

But Verizon investigators quickly noticed a major red flag. The VPN connection wasn't new and had been active for at least six months.
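The signal described above, a remote VPN session that overlaps with the same user's on-site presence and a pattern that goes back months, can be expressed as a log correlation. The following is an added example, not code from the study or the company: the record layouts, user names, dates and the `EXPECTED_COUNTRIES` allow-list are constructed assumptions.

```python
from datetime import datetime

# Constructed sample data (not from the case study).
# VPN concentrator sessions: user, source country, start, end.
VPN_SESSIONS = [
    ("bob",   "CN", "2012-05-02 09:00", "2012-05-02 17:03"),
    ("bob",   "CN", "2012-11-14 09:00", "2012-11-14 17:02"),
    ("alice", "US", "2012-11-14 08:30", "2012-11-14 12:00"),
    ("carol", "CN", "2012-11-14 09:00", "2012-11-14 11:00"),
]
# On-site evidence: interactive logons at office workstations (assumed source).
ONSITE_LOGONS = [
    ("bob",   "2012-05-02 09:10"),
    ("bob",   "2012-11-14 09:05"),
    ("alice", "2012-11-15 09:00"),
]
EXPECTED_COUNTRIES = {"US"}  # assumption: where remote staff normally connect from

def _ts(s):
    return datetime.strptime(s, "%Y-%m-%d %H:%M")

def find_conflicts(sessions, logons, expected=EXPECTED_COUNTRIES):
    """Return {user: [(country, vpn_start, onsite_time), ...]} for each VPN
    session from an unexpected country that overlaps an on-site logon."""
    onsite = {}
    for user, when in logons:
        onsite.setdefault(user, []).append(_ts(when))
    conflicts = {}
    for user, country, start, end in sessions:
        if country in expected:
            continue
        s, e = _ts(start), _ts(end)
        for t in onsite.get(user, []):
            if s <= t <= e:  # user is provably in two places at once
                conflicts.setdefault(user, []).append((country, s, t))
    return conflicts

def summarize(conflicts):
    """Per user: number of conflicts and days between first and last one."""
    out = {}
    for user, hits in conflicts.items():
        starts = sorted(h[1] for h in hits)
        out[user] = (len(hits), (starts[-1] - starts[0]).days)
    return out

if __name__ == "__main__":
    for user, (n, span) in summarize(find_conflicts(VPN_SESSIONS, ONSITE_LOGONS)).items():
        print(f"{user}: {n} remote/on-site conflicts over {span} days")
```

A foreign session alone (the constructed user `carol`) is not flagged, since it may be legitimate travel; the overlap with on-site activity is what makes the session impossible for one person.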

So they zeroed in on Bob himself, and took a forensic image of Bob's computer to recover as many files as possible and check for signs of malware.

What they ended up finding were hundreds of PDF invoices from a third-party contractor in Shenyang, China.

A look at his browsing history revealed what his typical work day consisted of: